Vault not found in the subscription error occurs randomly azure devops pipeline

Question

I am updating key vault access policies from azure devops yaml pipeline. below is the standard code.

       - task: AzureCLI@2
        displayName: "Set KeyVault access policy for Web App"
        inputs:
          azureSubscription: "$(serviceConnection1)"
          scriptType: bash
          scriptLocation: inlineScript
          inlineScript: |
            az keyvault set-policy -n '$(KeyVaultName)' --secret-permissions get list --object-id '$(appId)'

The task succeeds but also fails lot of times with an error

"vault not found in the subscription" . The service principle has contributor rights to the keyvault.

Network of keyvault is set to "All Networks" ,hence no firewall rules.

I am pretty certain, there is no technical error here, but the task fails quite a lot of times with this error. Any help would be great.

Answer 1

Hello @mandar Jogalekar ,

Thanks for reaching out.

Ideally, we receive the message The Vault '$KeyVaultName' not found within subscription when the supplied name does not match a vault that is available in Azure, thus we would recommend that you use the --debug' parameter in combination with the above cmdlet which provides more insight from key aspects. Also, if feasible, could you supply the keyvault name directly in the cmdlet rather than using a variable? also also curious if the '$(KeyVaultName)' variable has any whitespace at the start or end of KeyVaultName.

az keyvault set-policy -n '{TypeKeyVaultName}' --secret-permissions get list --object-id '$(appId)' --debug

Here are some troubleshooting guidance on Azure CLI task within pipeline. If none of this works, then would recommend you to contact azure support as this requires a deeper investigation. Thank you for your cooperation on this matter

-----
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.